One Article Review
| Source |  RiskIQ |
|---|---|
| Identifiant | 8476526 |
| Date de publication | 2024-04-05 13:39:39 (vue: 2024-04-05 14:08:03) |
| Titre | Même cibles, nouveaux manuels: les acteurs de la menace en Asie de l'Est utilisent des méthodes uniques Same targets, new playbooks: East Asia threat actors employ unique methods |
| Texte | ## Snapshot Microsoft has observed several notable cyber and influence trends from China and North Korea since June 2023 that demonstrate not only doubling down on familiar targets, but also attempts to use more sophisticated influence techniques to achieve their goals. Chinese cyber actors broadly selected three target areas over the last seven months. - One set of Chinese actors extensively targeted entities across the South Pacific Islands. - A second set of Chinese activity continued a streak of cyberattacks against regional adversaries in the South China Sea region. - Meanwhile, a third set of Chinese actors compromised the US defense industrial base. Chinese influence actors-rather than broadening the geographic scope of their targets-honed their techniques and experimented with new media. Chinese influence campaigns continued to refine AI-generated or AI-enhanced content. The influence actors behind these campaigns have shown a willingness to **both amplify AI-generated media that benefits their strategic narratives, as well as create their own video, memes, and audio content**. Such tactics have been used in campaigns stoking divisions within the United States and exacerbating rifts in the Asia-Pacific region-including Taiwan, Japan, and South Korea. These campaigns achieved varying levels of resonance with no singular formula producing consistent audience engagement. North Korean cyber actors made headlines for **increasing software supply chain attacks and cryptocurrency heists over the past year**. While strategic spear-phishing campaigns targeting researchers who study the Korean Peninsula remained a constant trend, North Korean threat actors appeared to make greater use of legitimate software to compromise even more victims. ## Activity Overview ### Chinese cyber operations target strategic partners and competitors #### Gingham Typhoon targets government, IT, and multinational entities across the South Pacific Islands **** *Figure 1: Observed events from Gingham Typhoon from June 2023 to January 2024 highlights their continued focus on South Pacific Island nations. However, much of this targeting has been ongoing, reflecting a yearslong focus on the region. Geographic locations and diameter of symbology are representational. * During the summer of 2023, Microsoft Threat Intelligence observed extensive activity from China-based espionage group Gingham Typhoon that targeted nearly every South Pacific Island country. Gingham Typhoon is the most active actor in this region, hitting international organizations, government entities, and the IT sector with complex phishing campaigns. Victims also included vocal critics of the Chinese government. Diplomatic allies of China who were victims of recent Gingham Typhoon activity include executive offices in government, trade-related departments, internet service providers, as well as a transportation entity. Heightened geopolitical and diplomatic competition in the region may be motivations for these offensive cyber activities. China pursues strategic partnerships with South Pacific Island nations to expand economic ties and broker diplomatic and security agreements. Chinese cyber espionage in this region also follows economic partners. For example, Chinese actors engaged in large-scale targeting of multinational organizations in Papua New Guinea, a longtime diplomatic partner that is benefiting from multiple Belt and Road Initiative (BRI) projects including the construction of a major highway which links a Papua New Guinea government building to the capital city\'s main road. (1) #### Chinese threat actors retain focus on South China Sea amid Western military exercises China-based threat actors continued to target entities related to China\'s economic and military interests in a |
| Envoyé | Oui |
| Condensat | ### #### $125 $35 $600 **1 **2 **3 **4 **ai **both **increasing */https:/gdfdhgkjhk *ai *figure *weeks 0062 022b 08; 106a; 10: 11: 12: 1376 13: 175 1: observed 1d03 1edc 20/ 2011 2012 2013 2017 2020 2022 2023 2023” 2024 2: observed 3219de3b0082 36ca 3cx 3d8c0c533e5b 4258 425f 42793 42a0 44dc 457a 45f8 46a2 46d7 474c 47f1 482d 4972 4a83 4cb9 4e25 5496 54bb686798f5 57bf 5b00 600 69fe 6: * 6c115c740d52 75th 77dd 7bc9541ee963 8019 805e 8408 861c 9/11 91491b3b0b36 9a01 9cdf a0c23c30ef76 a4c4 a641 a66d ab3c abd2 about access accident accompanied accounts accuse accused accusing achieve achieved acquired across action actioned actions active actively activists activities activity actor actors adapting addition additional additionally administration administrative advanced adversaries advisories/aa20 advisories/advanced advisories” aerospace affairs affiliated after against age agency aggressive agree agreements ahead ai/ aimed ai” alert alert: aligned alleged alleging alliance allies allowed alone alongside also ambitious america american americans amid among amount amplified amplify amplifying analysis analyzed anchors anchors**: anger anniversary another anti any apac appear appeared application approximately archive are areas around array asean asia asian ask asked aspistrategist aspx assess assesses assessment assets associated association atomic attack attacker attackers attacks attempted attempts attributed au/japan audience audiences audio audio**: augment augmenting august australia authentic azureedge b187 b372 backdoored backdoors backing bafybeibubf4ivvsadcgy4kjvbwynjk24rmkn7h7grtado4yvetd7c2ajbe base based basic bbsid=securityadvice bears been before began begun behind being belonging belt benefiting benefits between billion bln blog blog/2023 blogging both bowed brazil breadth bri broadening broadly broker building burning but bytedance c1471641e7b6 c61d ca/transparency cambodia camp campaign campaign/ campaigns campaign” can canada canadian candidate candidates capabilities capcut capital capitalizing carrying casinos cast catching caused ccp celebrate center chain chance characters checking china chinese circulated cisa citrine city claiming claims clips clone cms cnn coast coastal code collaborate collect collection com/ com/2023/05/10/politics/north com/2023/08/31/world/asia/china com/2023/09/11/us/politics/china com/2024/01/letter com/cms/api/am/binary/rw1afyw com/en com/news/front/archives/2024/01/11/2003811930 com/p/csm com/post/north com/reports/deepfake com/technology/cybersecurity/un com/world/asia comment comments commonly communist community companies company competition competitors complex compromise compromised compromises compromising concerted conduct conducted confidence consider consistent consistently conspiracy conspiratorial constant construction contained containing content content** contents content to content” contest continue continued continues contractors control controversial convinced coordination corruption costa could countdown countering countries country county cover covert create created creating critical criticized criticizing critics crypto cryptocurrency current customers cve cyber cyberattacks cyberattacks/index daiichi daily data david david/ david” day days days” debunked dec december decision deepfake defectors defense deliberately democratic demographics demonstrate denmark departments depicted derailed derailment derailment** derogatory designation despite detailed developed developers development devices diameter diamond did different digital diplomatic diplomats direction disable disclosed discord discussing disillusionment disinformation disposal dispose dissident dissidents divisions document documented dollars domain domestic doubling doubt down downstream dozens dpp draft drills drug dumping during e177edfbdb4e early east economic ecosystem education efdf455531ff effective effectiveness” effects efficient effort efforts election elections electronic eliciting embarks embezzling emerald employ employed employees employees/ employees” enable enabl |
| Tags | Malware Tool Vulnerability Threat Studies Industrial Prediction Technical |
| Stories | Guam |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.